[Code of Federal Regulations]
[Title 32, Volume 1, Parts 1 to 190]
[Revised as of July 1, 1998]
From the U.S. Government Printing Office via GPO Access
[CITE: 32CFR159a.80]

[Page 857]
 
                       TITLE 32--NATIONAL DEFENSE
 
              CHAPTER I--OFFICE OF THE SECRETARY OF DEFENSE
 
PART 159a--INFORMATION SECURITY PROGRAM REGULATION--Table of Contents
 
                   Subpart M--Special Access Programs
 
Sec. 159a.80  Policy.


    It is the policy of the Department of Defense to use the security 
classification categories and the applicable sections of E.O. 12356 and 
its implementing ISOO Directive, to limit access to classified 
information on a ``need-to-know'' basis to personnel who have been 
determined to be trustworthy. It is further policy to apply the ``need-
to-know'' principle in the regular system so that there will be no need 
to resort to formal Special Access Programs. Also, need-to-know control 
principles shall be applied within Special Access Programs. In this 
context, Special Access Programs may be created or continued only on 
specific showing that:
    (a) Normal management and safeguarding procedures are not sufficient 
to limit ``need-to-know'' or access; and
    (b) The number of persons who will need access will be reasonably 
small and commensurate with the objective of providing extra protection 
for the information invoved.